<!DOCTYPE HTML>

<html lang="en">
<head>

<title>ServerOAuth2AuthorizedClientExchangeFilterFunction (spring-security-docs 5.6.3 API)</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="../../../../../../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../../../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../../../../../../script.js"></script>
<script type="text/javascript" src="../../../../../../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../../../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../../../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../../../../../../jquery/jquery-3.5.1.js"></script>
<script type="text/javascript" src="../../../../../../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
    try {
        if (location.href.indexOf('is-external=true') == -1) {
            parent.document.title="ServerOAuth2AuthorizedClientExchangeFilterFunction (spring-security-docs 5.6.3 API)";
        }
    }
    catch(err) {
    }
//-->
var data = {"i0":9,"i1":10,"i2":9,"i3":9,"i4":42,"i5":10,"i6":42,"i7":10,"i8":10};
var tabs = {65535:["t0","All Methods"],1:["t1","Static Methods"],2:["t2","Instance Methods"],8:["t4","Concrete Methods"],32:["t6","Deprecated Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../../../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav">

<div class="topNav"><a id="navbar.top">

</a>
<div class="skipNav"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_top");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">

</a></div>

</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>

<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.springframework.security.oauth2.client.web.reactive.function.client</a></div>
<h2 title="Class ServerOAuth2AuthorizedClientExchangeFilterFunction" class="title">Class ServerOAuth2AuthorizedClientExchangeFilterFunction</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li>java.lang.Object</li>
<li>
<ul class="inheritance">
<li>org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Implemented Interfaces:</dt>
<dd><code>org.springframework.web.reactive.function.client.ExchangeFilterFunction</code></dd>
</dl>
<hr>
<pre>public final class <span class="typeNameLabel">ServerOAuth2AuthorizedClientExchangeFilterFunction</span>
extends java.lang.Object
implements org.springframework.web.reactive.function.client.ExchangeFilterFunction</pre>
<div class="block">Provides an easy mechanism for using an <a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a> to make OAuth2
requests by including the token as a Bearer Token.
<h3>Authentication and Authorization Failures</h3>
<p>
Since 5.3, this filter function has the ability to forward authentication (HTTP 401
Unauthorized) and authorization (HTTP 403 Forbidden) failures from an OAuth 2.0
Resource Server to a <a href="../../../../ReactiveOAuth2AuthorizationFailureHandler.html" title="interface in org.springframework.security.oauth2.client"><code>ReactiveOAuth2AuthorizationFailureHandler</code></a>. A
<a href="../../../../RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.html" title="class in org.springframework.security.oauth2.client"><code>RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler</code></a> can be used to
remove the cached <a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a>, so that future requests will result
in a new token being retrieved from an Authorization Server, and sent to the Resource
Server.
</p>
<p>
If the
<a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#%3Cinit%3E(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository,org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository)"><code>ServerOAuth2AuthorizedClientExchangeFilterFunction(ReactiveClientRegistrationRepository, ServerOAuth2AuthorizedClientRepository)</code></a>
constructor is used, a
<a href="../../../../RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.html" title="class in org.springframework.security.oauth2.client"><code>RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler</code></a> will be
configured automatically.
</p>
<p>
If the
<a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#%3Cinit%3E(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager)"><code>ServerOAuth2AuthorizedClientExchangeFilterFunction(ReactiveOAuth2AuthorizedClientManager)</code></a>
constructor is used, a
<a href="../../../../RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.html" title="class in org.springframework.security.oauth2.client"><code>RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler</code></a> will
<em>NOT</em> be configured automatically. It is recommended that you configure one via
<a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#setAuthorizationFailureHandler(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler)"><code>setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler)</code></a>.
</p></div>
<dl>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>5.1</dd>
</dl>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.summary">

</a>
<h3>Constructor Summary</h3>
<table class="memberSummary">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Constructor</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#%3Cinit%3E(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager)">ServerOAuth2AuthorizedClientExchangeFilterFunction</a></span>&#8203;(<a href="../../../../ReactiveOAuth2AuthorizedClientManager.html" title="interface in org.springframework.security.oauth2.client">ReactiveOAuth2AuthorizedClientManager</a>&nbsp;authorizedClientManager)</code></th>
<td class="colLast">
<div class="block">Constructs a <code>ServerOAuth2AuthorizedClientExchangeFilterFunction</code> using the
provided parameters.</div>
</td>
</tr>
<tr class="rowColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#%3Cinit%3E(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository,org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository)">ServerOAuth2AuthorizedClientExchangeFilterFunction</a></span>&#8203;(<a href="../../../../registration/ReactiveClientRegistrationRepository.html" title="interface in org.springframework.security.oauth2.client.registration">ReactiveClientRegistrationRepository</a>&nbsp;clientRegistrationRepository,
<a href="../../../server/ServerOAuth2AuthorizedClientRepository.html" title="interface in org.springframework.security.oauth2.client.web.server">ServerOAuth2AuthorizedClientRepository</a>&nbsp;authorizedClientRepository)</code></th>
<td class="colLast">
<div class="block">Constructs a <code>ServerOAuth2AuthorizedClientExchangeFilterFunction</code> using the
provided parameters.</div>
</td>
</tr>
</table>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">

</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t1" class="tableTab"><span><a href="javascript:show(1);">Static Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t6" class="tableTab"><span><a href="javascript:show(32);">Deprecated Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code>static java.util.function.Consumer&lt;java.util.Map&lt;java.lang.String,&#8203;java.lang.Object&gt;&gt;</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#clientRegistrationId(java.lang.String)">clientRegistrationId</a></span>&#8203;(java.lang.String&nbsp;clientRegistrationId)</code></th>
<td class="colLast">
<div class="block">Modifies the <code>ClientRequest.attributes()</code> to include the
<a href="../../../../registration/ClientRegistration.html#getRegistrationId()"><code>ClientRegistration.getRegistrationId()</code></a> to be used to look up the
<a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a>.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>reactor.core.publisher.Mono&lt;org.springframework.web.reactive.function.client.ClientResponse&gt;</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#filter(org.springframework.web.reactive.function.client.ClientRequest,org.springframework.web.reactive.function.client.ExchangeFunction)">filter</a></span>&#8203;(org.springframework.web.reactive.function.client.ClientRequest&nbsp;request,
org.springframework.web.reactive.function.client.ExchangeFunction&nbsp;next)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>static java.util.function.Consumer&lt;java.util.Map&lt;java.lang.String,&#8203;java.lang.Object&gt;&gt;</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#oauth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient)">oauth2AuthorizedClient</a></span>&#8203;(<a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client">OAuth2AuthorizedClient</a>&nbsp;authorizedClient)</code></th>
<td class="colLast">
<div class="block">Modifies the <code>ClientRequest.attributes()</code> to include the
<a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a> to be used for providing the Bearer Token.</div>
</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>static java.util.function.Consumer&lt;java.util.Map&lt;java.lang.String,&#8203;java.lang.Object&gt;&gt;</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#serverWebExchange(org.springframework.web.server.ServerWebExchange)">serverWebExchange</a></span>&#8203;(org.springframework.web.server.ServerWebExchange&nbsp;serverWebExchange)</code></th>
<td class="colLast">
<div class="block">Modifies the <code>ClientRequest.attributes()</code> to include the
<code>ServerWebExchange</code> to be used for providing the Bearer Token.</div>
</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#setAccessTokenExpiresSkew(java.time.Duration)">setAccessTokenExpiresSkew</a></span>&#8203;(java.time.Duration&nbsp;accessTokenExpiresSkew)</code></th>
<td class="colLast">
<div class="block"><span class="deprecatedLabel">Deprecated.</span>
<div class="deprecationComment">The <code>accessTokenExpiresSkew</code> should be configured with the
specific <a href="../../../../ReactiveOAuth2AuthorizedClientProvider.html" title="interface in org.springframework.security.oauth2.client"><code>ReactiveOAuth2AuthorizedClientProvider</code></a> implementation, e.g.</div>
</div>
</td>
</tr>
<tr id="i5" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#setAuthorizationFailureHandler(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler)">setAuthorizationFailureHandler</a></span>&#8203;(<a href="../../../../ReactiveOAuth2AuthorizationFailureHandler.html" title="interface in org.springframework.security.oauth2.client">ReactiveOAuth2AuthorizationFailureHandler</a>&nbsp;authorizationFailureHandler)</code></th>
<td class="colLast">
<div class="block">Sets the handler that handles authentication and authorization failures when
communicating to the OAuth 2.0 Resource Server.</div>
</td>
</tr>
<tr id="i6" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#setClientCredentialsTokenResponseClient(org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient)">setClientCredentialsTokenResponseClient</a></span>&#8203;(<a href="../../../../endpoint/ReactiveOAuth2AccessTokenResponseClient.html" title="interface in org.springframework.security.oauth2.client.endpoint">ReactiveOAuth2AccessTokenResponseClient</a>&lt;<a href="../../../../endpoint/OAuth2ClientCredentialsGrantRequest.html" title="class in org.springframework.security.oauth2.client.endpoint">OAuth2ClientCredentialsGrantRequest</a>&gt;&nbsp;clientCredentialsTokenResponseClient)</code></th>
<td class="colLast">
<div class="block"><span class="deprecatedLabel">Deprecated.</span>
<div class="deprecationComment">Use
<a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#%3Cinit%3E(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager)"><code>ServerOAuth2AuthorizedClientExchangeFilterFunction(ReactiveOAuth2AuthorizedClientManager)</code></a>
instead.</div>
</div>
</td>
</tr>
<tr id="i7" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#setDefaultClientRegistrationId(java.lang.String)">setDefaultClientRegistrationId</a></span>&#8203;(java.lang.String&nbsp;clientRegistrationId)</code></th>
<td class="colLast">
<div class="block">If set, will be used as the default <a href="../../../../registration/ClientRegistration.html#getRegistrationId()"><code>ClientRegistration.getRegistrationId()</code></a>.</div>
</td>
</tr>
<tr id="i8" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#setDefaultOAuth2AuthorizedClient(boolean)">setDefaultOAuth2AuthorizedClient</a></span>&#8203;(boolean&nbsp;defaultOAuth2AuthorizedClient)</code></th>
<td class="colLast">
<div class="block">If true, a default <a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a> can be discovered from the
current Authentication.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.java.lang.Object">

</a>
<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.springframework.web.reactive.function.client.ExchangeFilterFunction">

</a>
<h3>Methods inherited from interface&nbsp;org.springframework.web.reactive.function.client.ExchangeFilterFunction</h3>
<code>andThen, apply</code></li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.detail">

</a>
<h3>Constructor Detail</h3>
<a id="&lt;init&gt;(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>ServerOAuth2AuthorizedClientExchangeFilterFunction</h4>
<pre>public&nbsp;ServerOAuth2AuthorizedClientExchangeFilterFunction&#8203;(<a href="../../../../ReactiveOAuth2AuthorizedClientManager.html" title="interface in org.springframework.security.oauth2.client">ReactiveOAuth2AuthorizedClientManager</a>&nbsp;authorizedClientManager)</pre>
<div class="block">Constructs a <code>ServerOAuth2AuthorizedClientExchangeFilterFunction</code> using the
provided parameters.
<p>
When this constructor is used, authentication (HTTP 401) and authorization (HTTP
403) failures returned from a OAuth 2.0 Resource Server will <em>NOT</em> be
forwarded to a <a href="../../../../ReactiveOAuth2AuthorizationFailureHandler.html" title="interface in org.springframework.security.oauth2.client"><code>ReactiveOAuth2AuthorizationFailureHandler</code></a>. Therefore, future
requests to the Resource Server will most likely use the same (most likely invalid)
token, resulting in the same errors returned from the Resource Server. It is
recommended to configure a
<a href="../../../../RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.html" title="class in org.springframework.security.oauth2.client"><code>RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler</code></a> via
<a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#setAuthorizationFailureHandler(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler)"><code>setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler)</code></a>
so that authentication and authorization failures returned from a Resource Server
will result in removing the authorized client, so that a new token is retrieved for
future requests.
</p></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>authorizedClientManager</code> - the <a href="../../../../ReactiveOAuth2AuthorizedClientManager.html" title="interface in org.springframework.security.oauth2.client"><code>ReactiveOAuth2AuthorizedClientManager</code></a>
which manages the authorized client(s)</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>5.2</dd>
</dl>
</li>
</ul>
<a id="&lt;init&gt;(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository,org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository)">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>ServerOAuth2AuthorizedClientExchangeFilterFunction</h4>
<pre>public&nbsp;ServerOAuth2AuthorizedClientExchangeFilterFunction&#8203;(<a href="../../../../registration/ReactiveClientRegistrationRepository.html" title="interface in org.springframework.security.oauth2.client.registration">ReactiveClientRegistrationRepository</a>&nbsp;clientRegistrationRepository,
                                                          <a href="../../../server/ServerOAuth2AuthorizedClientRepository.html" title="interface in org.springframework.security.oauth2.client.web.server">ServerOAuth2AuthorizedClientRepository</a>&nbsp;authorizedClientRepository)</pre>
<div class="block">Constructs a <code>ServerOAuth2AuthorizedClientExchangeFilterFunction</code> using the
provided parameters.
<p>
Since 5.3, when this constructor is used, authentication (HTTP 401) and
authorization (HTTP 403) failures returned from an OAuth 2.0 Resource Server will
be forwarded to a
<a href="../../../../RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.html" title="class in org.springframework.security.oauth2.client"><code>RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler</code></a>, which will
potentially remove the <a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a> from the given
<a href="../../../server/ServerOAuth2AuthorizedClientRepository.html" title="interface in org.springframework.security.oauth2.client.web.server"><code>ServerOAuth2AuthorizedClientRepository</code></a>, depending on the OAuth 2.0 error
code returned. Authentication failures returned from an OAuth 2.0 Resource Server
typically indicate that the token is invalid, and should not be used in future
requests. Removing the authorized client from the repository will ensure that the
existing token will not be sent for future requests to the Resource Server, and a
new token is retrieved from Authorization Server and used for future requests to
the Resource Server.
</p></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>clientRegistrationRepository</code> - the repository of client registrations</dd>
<dd><code>authorizedClientRepository</code> - the repository of authorized clients</dd>
</dl>
</li>
</ul>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">

</a>
<h3>Method Detail</h3>
<a id="oauth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>oauth2AuthorizedClient</h4>
<pre class="methodSignature">public static&nbsp;java.util.function.Consumer&lt;java.util.Map&lt;java.lang.String,&#8203;java.lang.Object&gt;&gt;&nbsp;oauth2AuthorizedClient&#8203;(<a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client">OAuth2AuthorizedClient</a>&nbsp;authorizedClient)</pre>
<div class="block">Modifies the <code>ClientRequest.attributes()</code> to include the
<a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a> to be used for providing the Bearer Token. Example
usage:
<pre> WebClient webClient = WebClient.builder()
    .filter(new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager))
    .build();
 Mono&lt;String&gt; response = webClient
    .get()
    .uri(uri)
    .attributes(oauth2AuthorizedClient(authorizedClient))
    // ...
    .retrieve()
    .bodyToMono(String.class);
 </pre>
An attempt to automatically refresh the token will be made if all of the following
are true:
<ul>
<li>A refresh token is present on the OAuth2AuthorizedClient</li>
<li>The access token will be expired in
<a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#setAccessTokenExpiresSkew(java.time.Duration)"><code>setAccessTokenExpiresSkew(Duration)</code></a></li>
<li>The <a href="../../../../../../core/context/ReactiveSecurityContextHolder.html" title="class in org.springframework.security.core.context"><code>ReactiveSecurityContextHolder</code></a> will be used to attempt to save the
token. If it is empty, then the principal name on the OAuth2AuthorizedClient will
be used to create an Authentication for saving.</li>
</ul></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>authorizedClient</code> - the <a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a> to use.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the <code>Consumer</code> to populate the</dd>
</dl>
</li>
</ul>
<a id="serverWebExchange(org.springframework.web.server.ServerWebExchange)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>serverWebExchange</h4>
<pre class="methodSignature">public static&nbsp;java.util.function.Consumer&lt;java.util.Map&lt;java.lang.String,&#8203;java.lang.Object&gt;&gt;&nbsp;serverWebExchange&#8203;(org.springframework.web.server.ServerWebExchange&nbsp;serverWebExchange)</pre>
<div class="block">Modifies the <code>ClientRequest.attributes()</code> to include the
<code>ServerWebExchange</code> to be used for providing the Bearer Token. Example usage:
<pre> WebClient webClient = WebClient.builder()
    .filter(new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager))
    .build();
 Mono&lt;String&gt; response = webClient
    .get()
    .uri(uri)
    .attributes(serverWebExchange(serverWebExchange))
    // ...
    .retrieve()
    .bodyToMono(String.class);
 </pre></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>serverWebExchange</code> - the <code>ServerWebExchange</code> to use</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the <code>Consumer</code> to populate the client request attributes</dd>
</dl>
</li>
</ul>
<a id="clientRegistrationId(java.lang.String)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>clientRegistrationId</h4>
<pre class="methodSignature">public static&nbsp;java.util.function.Consumer&lt;java.util.Map&lt;java.lang.String,&#8203;java.lang.Object&gt;&gt;&nbsp;clientRegistrationId&#8203;(java.lang.String&nbsp;clientRegistrationId)</pre>
<div class="block">Modifies the <code>ClientRequest.attributes()</code> to include the
<a href="../../../../registration/ClientRegistration.html#getRegistrationId()"><code>ClientRegistration.getRegistrationId()</code></a> to be used to look up the
<a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a>.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>clientRegistrationId</code> - the <a href="../../../../registration/ClientRegistration.html#getRegistrationId()"><code>ClientRegistration.getRegistrationId()</code></a> to
be used to look up the <a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a>.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the <code>Consumer</code> to populate the attributes</dd>
</dl>
</li>
</ul>
<a id="setDefaultOAuth2AuthorizedClient(boolean)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setDefaultOAuth2AuthorizedClient</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setDefaultOAuth2AuthorizedClient&#8203;(boolean&nbsp;defaultOAuth2AuthorizedClient)</pre>
<div class="block">If true, a default <a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a> can be discovered from the
current Authentication. It is recommended to be cautious with this feature since
all HTTP requests will receive the access token if it can be resolved from the
current Authentication.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>defaultOAuth2AuthorizedClient</code> - true if a default
<a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a> should be used, else false. Default is false.</dd>
</dl>
</li>
</ul>
<a id="setDefaultClientRegistrationId(java.lang.String)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setDefaultClientRegistrationId</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setDefaultClientRegistrationId&#8203;(java.lang.String&nbsp;clientRegistrationId)</pre>
<div class="block">If set, will be used as the default <a href="../../../../registration/ClientRegistration.html#getRegistrationId()"><code>ClientRegistration.getRegistrationId()</code></a>.
It is recommended to be cautious with this feature since all HTTP requests will
receive the access token.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>clientRegistrationId</code> - the id to use</dd>
</dl>
</li>
</ul>
<a id="setClientCredentialsTokenResponseClient(org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setClientCredentialsTokenResponseClient</h4>
<pre class="methodSignature">@Deprecated
public&nbsp;void&nbsp;setClientCredentialsTokenResponseClient&#8203;(<a href="../../../../endpoint/ReactiveOAuth2AccessTokenResponseClient.html" title="interface in org.springframework.security.oauth2.client.endpoint">ReactiveOAuth2AccessTokenResponseClient</a>&lt;<a href="../../../../endpoint/OAuth2ClientCredentialsGrantRequest.html" title="class in org.springframework.security.oauth2.client.endpoint">OAuth2ClientCredentialsGrantRequest</a>&gt;&nbsp;clientCredentialsTokenResponseClient)</pre>
<div class="deprecationBlock"><span class="deprecatedLabel">Deprecated.</span>
<div class="deprecationComment">Use
<a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#%3Cinit%3E(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager)"><code>ServerOAuth2AuthorizedClientExchangeFilterFunction(ReactiveOAuth2AuthorizedClientManager)</code></a>
instead. Create an instance of
<a href="../../../../ClientCredentialsReactiveOAuth2AuthorizedClientProvider.html" title="class in org.springframework.security.oauth2.client"><code>ClientCredentialsReactiveOAuth2AuthorizedClientProvider</code></a> configured with a
<a href="../../../../ClientCredentialsReactiveOAuth2AuthorizedClientProvider.html#setAccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient)"><code>WebClientReactiveClientCredentialsTokenResponseClient</code></a> (or a custom one) and than
supply it to
<a href="../../../DefaultReactiveOAuth2AuthorizedClientManager.html#setAuthorizedClientProvider(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider)"><code>DefaultReactiveOAuth2AuthorizedClientManager</code></a>.</div>
</div>
<div class="block">Sets the <a href="../../../../endpoint/ReactiveOAuth2AccessTokenResponseClient.html" title="interface in org.springframework.security.oauth2.client.endpoint"><code>ReactiveOAuth2AccessTokenResponseClient</code></a> used for getting an
<a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a> for the client_credentials grant.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>clientCredentialsTokenResponseClient</code> - the client to use</dd>
</dl>
</li>
</ul>
<a id="setAccessTokenExpiresSkew(java.time.Duration)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setAccessTokenExpiresSkew</h4>
<pre class="methodSignature">@Deprecated
public&nbsp;void&nbsp;setAccessTokenExpiresSkew&#8203;(java.time.Duration&nbsp;accessTokenExpiresSkew)</pre>
<div class="deprecationBlock"><span class="deprecatedLabel">Deprecated.</span>
<div class="deprecationComment">The <code>accessTokenExpiresSkew</code> should be configured with the
specific <a href="../../../../ReactiveOAuth2AuthorizedClientProvider.html" title="interface in org.springframework.security.oauth2.client"><code>ReactiveOAuth2AuthorizedClientProvider</code></a> implementation, e.g.
<a href="../../../../ClientCredentialsReactiveOAuth2AuthorizedClientProvider.html#setClockSkew(java.time.Duration)"><code>ClientCredentialsReactiveOAuth2AuthorizedClientProvider</code></a> or
<a href="../../../../RefreshTokenReactiveOAuth2AuthorizedClientProvider.html#setClockSkew(java.time.Duration)"><code>RefreshTokenReactiveOAuth2AuthorizedClientProvider</code></a>.</div>
</div>
<div class="block">An access token will be considered expired by comparing its expiration to now +
this skewed Duration. The default is 1 minute.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>accessTokenExpiresSkew</code> - the Duration to use.</dd>
</dl>
</li>
</ul>
<a id="filter(org.springframework.web.reactive.function.client.ClientRequest,org.springframework.web.reactive.function.client.ExchangeFunction)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>filter</h4>
<pre class="methodSignature">public&nbsp;reactor.core.publisher.Mono&lt;org.springframework.web.reactive.function.client.ClientResponse&gt;&nbsp;filter&#8203;(org.springframework.web.reactive.function.client.ClientRequest&nbsp;request,
                                                                                                           org.springframework.web.reactive.function.client.ExchangeFunction&nbsp;next)</pre>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code>filter</code>&nbsp;in interface&nbsp;<code>org.springframework.web.reactive.function.client.ExchangeFilterFunction</code></dd>
</dl>
</li>
</ul>
<a id="setAuthorizationFailureHandler(org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler)">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>setAuthorizationFailureHandler</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setAuthorizationFailureHandler&#8203;(<a href="../../../../ReactiveOAuth2AuthorizationFailureHandler.html" title="interface in org.springframework.security.oauth2.client">ReactiveOAuth2AuthorizationFailureHandler</a>&nbsp;authorizationFailureHandler)</pre>
<div class="block">Sets the handler that handles authentication and authorization failures when
communicating to the OAuth 2.0 Resource Server.
<p>
For example, a
<a href="../../../../RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.html" title="class in org.springframework.security.oauth2.client"><code>RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler</code></a> is
typically used to remove the cached <a href="../../../../OAuth2AuthorizedClient.html" title="class in org.springframework.security.oauth2.client"><code>OAuth2AuthorizedClient</code></a>, so that the
same token is no longer used in future requests to the Resource Server.
</p>
<p>
The failure handler used by default depends on which constructor was used to
construct this <a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html" title="class in org.springframework.security.oauth2.client.web.reactive.function.client"><code>ServerOAuth2AuthorizedClientExchangeFilterFunction</code></a>. See the
constructors for more details.
</p></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>authorizationFailureHandler</code> - the handler that handles authentication and
authorization failures.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>5.3</dd>
</dl>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>

<footer role="contentinfo">
<nav role="navigation">

<div class="bottomNav"><a id="navbar.bottom">

</a>
<div class="skipNav"><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_bottom");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="ServerOAuth2AuthorizedClientExchangeFilterFunction.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">

</a></div>

</nav>
</footer>
<script>if (window.parent == window) {(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','//www.google-analytics.com/analytics.js','ga');ga('create', 'UA-2728886-23', 'auto', {'siteSpeedSampleRate': 100});ga('send', 'pageview');}</script><script defer src="https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194" integrity="sha512-Gi7xpJR8tSkrpF7aordPZQlW2DLtzUlZcumS8dMQjwDHEnw9I7ZLyiOj/6tZStRBGtGgN6ceN6cMH8z7etPGlw==" data-cf-beacon='{"rayId":"7040f02beffc97cf","token":"bffcb8a918ae4755926f76178bfbd26b","version":"2021.12.0","si":100}' crossorigin="anonymous"></script>
</body>
</html>
